In August 2022, the USENIX Security Symposium published ground-breaking cybersecurity research papers by two UT Dallas computer science professors, Dr. Shiyi Wei and Dr. Kangkook Jee. Dr. Wei’s paper additionally received the symposium’s Distinguished Paper Award, identifying it as one of the top cybersecurity discoveries of the year.
Started in 1988, the USENIX Security Symposium has been one of the top scientific venues for publishing cybersecurity research. It brings together researchers, practitioners, system administrators, system programmers, and others interested in the latest advances in the security and privacy of computer systems and networks. This year’s event, held from August 10-12 in Boston, Massachusetts, included 256 accepted papers—the largest in the symposium’s history—with an acceptance rate of 18%. The stringent review process included multiple rounds, with 46% of submissions rejected at the first round, 8% accepted after the second round, and an additional 16% accepted after a further round of major revision.
Dr. Wei’s research improves fuzz testing—a quality assurance technique used to discover coding errors and security loopholes in software. Co-authors of his award-winning paper entitled “FIXREVERTER: A Realistic Bug Injection Methodology for Benchmarking Fuzz Testing,” include Dr. Michael Hicks, a professor of computer science at The University of Maryland Institute for Advanced Computer Studies, and UT Dallas doctoral students Zenong Zhang and Zach Patterson. Wei first began collaborating with Hicks while a postdoc at The University of Maryland from 2015-2017.
Their paper offers a tool and new protocols to help assess rapidly evolving fuzz testing methods currently used by programmers. The approach evaluates competing fuzz testing techniques by automatically injecting realistic bugs into programs and discovering which technique is best at finding the inserted bugs. It does so by accepting a bugfix pattern as input, which contains both code syntax and semantic conditions. Any code site that matches the specified syntax is undone if the semantic conditions are satisfied, as checked by static analysis, thus (re)introducing a likely bug.
Dr. Jee’s research improves cyberattack diagnosis and triage, which is essential for organizations struggling to recover from attacks. His paper, entitled “Back-Propagating System Dependency Impact for Attack Investigation”, proposes a novel learning-based cyberattack graph summarization approach. Advanced security solutions such as End-host Detection and Response (EDR) have widely used system provenance graphs to automate various security analysis tasks. But these approaches have struggled to cope with enormous graph size and complexity. Jee’s research addresses this challenge by implementing an ML-based graph summarization approach. To build a performant model, it leverages various public and private cyber threat intelligence sources beyond the low-level system events collected and reported from each end-host.
Co-authors of Jee’s work include Pengcheng Fang (Case Western Reserve University), Peng Gao (Virginia Tech), Changlin Liu and Erman Ayday (Case Western Reserve University), Ting Wang (Penn State University), Yanfang “Fanny” Ye (Case Western Reserve University), Zhuotao Liu (Tsinghua University), and Xusheng Xiao (Case Western Reserve University).
Professors Wei and Jee are both members of the Cyber Security Research and Education Institute at UT Dallas, directed by Dr. Kevin Hamlen. “Equipping the next generation of cyber warriors means pushing the scientific envelope and engaging students in the latest advances, which is exactly what Professors Wei and Jee are accomplishing with these outstanding new innovations,” said Hamlen.
ABOUT THE UT DALLAS COMPUTER SCIENCE DEPARTMENT
The UT Dallas Computer Science program is one of the largest Computer Science departments in the United States with over 4,000 bachelors-degree students, more than 1,010 master’s students, 140 Ph.D. students, 52 tenure-track faculty members, and 42 full-time senior lecturers, as of Fall 2021. With the University of Texas at Dallas’ unique history of starting as a graduate institution first, the CS Department is built on a legacy of valuing innovative research and providing advanced training for software engineers and computer scientists.